At many banks, the chief risk officer is an increasingly strategic executive position. Too much risk could expose the entire firm to financial harm, as the most recent crisis has made clear. Too little risk can equate with lost profits. We've seen examples of that as well. While many tend to think of risk in terms of IT, the CRO at a top bank is mainly focused on portfolio risk. The IT component, however, cannot be understated.

At Citi (NYSE: C), Brian Leach has won some rave reviews as CRO. One forward thinking move was to tweak the IT support of the risk management function. According to the Wall Street Journal, he had Citigroup's technology specialists design "a system to better see all exposure to assets at one time, such as real estate embedded in securities and home loans. Mr. Leach now can shock the portfolios to see how they would perform in different economic cycles, such as when home prices drop."

This is a standard move by an CRO. You need an IT-driven view of all exposures. That may well be the key determinant of success. Beyond portfolio risk, there are other imperatives. And even if a CRO comes from the trading side, he or she would be wise to bone on other forms of risk. Security is a great example, especially true at financial services firms. The CRO would be wise not to shirk this duty or lay it off completely on the security managers. It is worthy of attention as well.

For more:
- here's the article

Related Articles:
A golden era for risk managers on Wall Street?
A new call to break down risk management silos
Risk managers overlooked in reform